How to Stop the New Java 7 Exploit from Installing Malware on Your Mac or PC

A new vulnerability in Java 7 has been added to the BlackHole exploit kit and Metasploit that allows malicious software to be installed on Windows, Mac OS X, and Linux computers. So far, it has only been reported on Windows, but security experts say it would be easy to target any computer that had the newest version of Java installed. David Maynor, the CTO of Errata Security, says it's "about a bad a bug as I've ever seen."
Kaspersky Lab's Kurt Baumgartner mapped the attacks, finding the hardest hit to be China and Russia.
Symantec discovered two websites that were using the attacks. Here's how their analysis says it works:
"The vulnerability consists of a privilege escalation due to a class that allows access to protected members of system classes, which should not be accessible. Because of this, malicious code can bypass the restrictions imposed by the sandbox and use the 'getRuntime().exec()' function in order to execute a malicious payload."

How to Protect Yourself

The only way to be 100% safe is to disable or uninstall Java completely, but if you need it for a lot of apps or websites that you use frequently (likeMinecraft), that may not be an option. The vulnerability has been found to only work in Java 7, so you can also install an older version.

Disabling Java in a Browser

  • Firefox: Firefox >> Add-ons >> Disable Java
  • Internet Explorer: Tools >> Manage add-ons >> Disable Java
  • Chrome: type about:plugins in the address bar >> Disable Java

Uninstalling Java

  • Windows: Open the Control Panel and click on Uninstall Programs. Select Java and click Uninstall.
  • Mac: Most Macs still have Java 6 installed, but if you have the newest version on yours, you can disable it by going to System >> Library >>Frameworks and removing the file called "JavaVM.framework."

Installing Java 6

If you do need to use Java, you can download an older version that isn't affected by the exploit here. The download page also has guides to installing the software on Windows, Solaris, and Linux.
UPDATE: A patch to fix the exploit has been released. Download it here.
Share on Google Plus

Lose Stress Related Belly Fat Faster With DEACTIVATE

Become A Millionare By Joining The Millionaire's Society

This site has been around for a while. When a money making site lasts, that means it's real. Not another flash in the pan scheme. This site has made many people millionaires. The Millionaire society has helped lots of people reach that status. You can join the club and let them help you get there. It's not overnight... just a steady build up of more and more money. Try the Millionaire Society today and start building real wealth.
============More Details ============